Testing 3-D Secure (MPI) Solutions

When testing your implementation of the Moneris MPI, you can use the VISA/MasterCard/Amex PIT (production integration testing) environment. The testing process is slightly different than a production environment in that when the inLine window is generated, it does not contain any input boxes. Instead, it contains a window of data and a Submit button. Clicking Submit loads the response in the testing window.The response will not be displayed in production.

Note: MasterCard SecureCode may not be directly tested within our current test environment. However, the process and behavior tested with the Visa test cards will be the same for MCSC.

Note: VbV may only be tested in the following test stores

Canada

US

Store ID

store5

monusqa002

API Token

yesguy

qatoken

When testing you may use the following test card numbers with any future expiry date. Use the appropriate test card information from the tables below: Visa and Mastercard use the same test card information, while Amex uses unique information.

MPI test Card numbers (Visa and MasterCard Only)

Card Number

VERes

PARes

Action

4012001038443335

N

NA

Send transaction to Moneris Payment Gateway using either the basic Purchase or the basic Pre-Authorization transaction. Set crypt_type = 6.

Please refer to test case 1 below.

4012001038488884

U

NA

Send transaction to Moneris Payment Gateway using either the basic Purchase or the basic Pre-Authorization transaction. Set crypt_type = 7.

Please refer to test case 2 below.

4012001037141112

Y

True

TXN – Call function to create inLine window.

ACS – Send CAVV to Moneris Payment Gateway using either the Cavv Purchase or the Cavv Pre-Authorization transaction

Please refer to test case 6 below.

4005559876540

Y

True

TXN – Call function to create inLine window.

ACS – Send CAVV to Moneris Payment Gateway using either the Cavv Purchase or the Cavv Pre-Authorization transaction

Please refer to test case 7 below.

4012001037167778

Y

True

TXN – Call function to create inLine window.

ACS – Send CAVV to Moneris Payment Gateway using either the Cavv Purchase or the Cavv Pre-Authorization transaction

Please refer to test case 8 below.

4012001037461114

Y

False

Card failed to authenticate. Merchant may choose to send transaction or decline transaction. If transaction is sent, use crypt type = 7.

Test Case 3 – Invalid Response from Visa 3DS Environment

This test is to verify merchant processing when the merchant receives a response from the Visa 3DS Environment but there is a problem with the response that prohibits the MPI from continuing processing.

Action Send MPI request using the PAN value 4012001036298889.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a malformed VERes message back to the MPI.

MPI cannot interpret response. MPI hands control back to the Merchant's commerce server and proceeds with authorization without 3-D Secure.

Merchant processes standard Purchase or Pre-Authorization with an ECI of 7.

Test Case 4 – Invalid Issuer 3-D Secure Digital Signature

This test is to verify that, in the event that the digital signature of a PARes received from an Issuer 3-D Secure environment fails validation, the transaction is handled by the merchant as the equivalent of a failed authentication.

Action Send MPI request using the PAN value 4012001036853337.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the QA Issuer 3-D Secure environment.

The MPI fails to validate the digital signature and treats the transaction as a failed authentication: cardholder is messaged that the 3-D Secure authentication failed and is asked to try again or use another form of payment.

This test is to verify that, in the event a PARes is received with an expired Issuer 3-D Secure environment digital signature, the transaction is handled by the Merchant as the equivalent of a failed authentication.

Action Send an MPI request using the PAN value 4012001036983332.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3DS environment.

Issuer QA 3-D Secure environment returns a PARes with a digital signature signed using an expired certificate.

The MPI fails to validate the digital signature and treats the transaction as a failed authentication: cardholder is messaged that the 3-D Secure authentication failed and is asked to try again or use another form of payment.

Test Case 6 – Successful Authentication via 16-digit PAN

This test is to verify merchant processing of a successful 3-D Secure authentication using a 16-digit valid cardholder PAN.

Action Send an MPI request using the PAN value 4012001037141112.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3DS environment.

Issuer QA 3-D Secure environment returns a PARes with a CAVV value and a Transaction Status set to "Y" to the Merchant.

Successful Payer Authentication - Merchant processes standard CAVV Purchase or CAVV Pre-Authorization with an ECI of 5 and passing in the XID and CAVV values.

The MPI logs a successful 3-D Secure authentication.

Test Case 7 – Successful Authentication via 13-digit PAN

This test is to verify merchant processing of a successful 3-D Secure authentication using a 13-digit valid cardholder PAN.

Action Send an MPI request using the PAN value 4005559876540.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes with a CAVV value and a Transaction Status set to "Y" to the Merchant.

Successful Payer Authentication - Merchant processes standard CAVV Purchase or CAVV Pre-Authorization with an ECI of 5 and passing in the XID and CAVV values.

MPI logs a successful 3-D Secure authentication.

Test Case 8 – Successful Merchant Attempt via 16-digit PAN

This test is to verify merchant processing of a transaction that successfully qualifies for the liability shift for merchant attempt using a 16-digit cardholder PAN.

Action Send an MPI request using the PAN value 4012001037167778.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes with a CAVV value and a Transaction Status set to "A" to the Merchant.

Successful Merchant Attempt - Merchant processes standard CAVV Purchase or CAVV Pre-Authorization with an ECI of 6 and passing in the XID and CAVV values.

MPI logs a successful 3-D Secure merchant attempt.

Test Case 9 – Authentication Failure

This test is to verify merchant processing of a failed 3-D Secure authentication using a 16-digit PAN.

Action Send an MPI request using the PAN value 4012001037461114.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes without a CAVV value and a Transaction Status set to "N" to the Merchant.

Merchant presents cardholder with a message that the authentication has failed and asks the cardholder to try again or use another form of payment.

The MPI logs a failed 3-D Secure authentication.

Test Case 10 – Authentication Not Available

This test is to verify merchant processing of a 3-D Secure authentication when authentication is not available for the PAN.

Action Send an MPI request using the PAN value 4012001037484447.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes without a CAVV value and a Transaction Status set to "U" to the Merchant.

Merchant may proceed to processes standard Purchase or Pre-Authorization with an ECI of 7 without 3-D Secure liability shift.

The MPI log records a 3-D Secure authentication outcome of "Authentication Not Available".

Test Case 11 – Invalid Payer Authentication Response

This test is to verify merchant processing when an invalid PARes message is received from an Issuer 3-D Secure environment, preventing the merchant from interpreting the Issuer 3-D Secure environment’s response.

Action Send an MPI request using the PAN value 4012001037490006.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Merchant may proceed to processes standard Purchase or Pre-Authorization with an ECI of 7 without 3-D Secure liability shift or, depending on the individual merchant’s implementation decision, merchant informs cardholder that the authentication could not be completed and asks the cardholder to try again or use another form of payment.

This test is to verify merchant processing of a successful 3-D Secure authentication using a Visa eVisa signature certificate for the PARes.

Action Send an MPI request using the PAN value 4012001036273346.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes with a CAVV value and a Transaction Status set to "Y" to the Merchant.

Successful Payer Authentication - Merchant processes standard CAVV Purchase or CAVV Pre-Authorization with an ECI of 5 and passing in the XID and CAVV values.

The MPI logs a successful 3-D Secure authentication.

Test Case 15 – Successful Authentication with Large URL

This test is to verify merchant processing of a successful 3-D Secure authentication using a 16-digit valid cardholder PAN with an Issuer 3-D Secure environment URL that contains a POST Parameter that is 2048 characters long.

Action Send an MPI request using the PAN value 4012001037141369.

Expected Results

Merchant connects to the Visa QA 3DS environment and sends a VEReq.

Visa QA 3DS environment sends a VERes message back to the MPI.

The URL field in the VERes contains a POST parameter that is 2048 characters long.

MPI generates and sends a PAReq to the Issuer QA 3-D Secure environment.

Issuer QA 3-D Secure environment returns a PARes with a CAVV value and a Transaction Status set to "Y" to the Merchant.

Successful Payer Authentication - Merchant processes standard CAVV Purchase or CAVV Pre-Authorization with an ECI of 5 and passing in the XID and CAVV values.

Â®MONERIS and MONERIS & Design are registered trade-marks of Moneris Solutions Corporation. VISA is a registered trade-mark of Visa International. MASTERCARD and MASTERCARD SECURECODE are registered trade-marks of MasterCard International Incorporated. DISCOVER is a registered trade-mark of Discover Financial Services. AMERICAN EXPRESS and AMERICAN EXPRESS SAFEKEY are registered trade-marks of American Express Company. INTERAC is a registered trade-mark of Interac Inc. Apple, the Apple logo, Apple Pay and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries.

â„¢MONERIS BE PAYMENT READY & Design is a trade-mark of Moneris Solutions Corporation. ANDROID is a trademark of Google Inc. MASTERPASS is a trade-mark of MasterCard International Inc.All other marks or registered trade-marks are the property of their respective owners.